NCIS Report is on the web

[Yaman Akdeniz]

NCIS Report: Project Trawler: Crime On The Information
Highways, June 1999, is at http://www.ncis.co.uk/newpage1.htm

Yaman

Key Finding of the Report

Crime on the `information highways' is multi-faceted. It includes
targeting of computers themselves by hackers, crimes across the new
medium and the facilitation of crimes in the physical world by more
anonymous or secure communications.

Authoritative statistics are not available to gauge the present scale
of `computer crimes'. However, Internet paedophilia, computer misuse
(hacking and viruses), telecommunications fraud, software piracy, and
the availability of illicit or unlicensed products and services are
offences already making themselves felt. Emerging problems include
fraud, audio piracy, and criminals' use of secure Internet
communications. The UK has yet to prosecute a case of cyber-stalking.

Computer misuse offences encompass a range of offences, with a number
of hacking methods and malicious programs available, requiring
varying degrees of technical prowess and causing different levels of
damage. A variety of motives lie behind the attacks and not all
hackers and virus writers pose the same threat. The vast majority of
incidents are nuisance attacks rather than serious, malicious
assaults, but victims of the former may still suffer financially
(e.g. through computer downtime).

In future, NCIS anticipates more computer misuse offences inspired by
political motives, hacking for information with financial value (e.g.
credit card details, insider trading information, commercial
espionage), and continued `work rage' assaults and acts of mischief.
The turn of the millennium is likely to spur some program writers to
create viruses which will be triggered by the 1/1/2000 date.

NCIS assesses that Internet fraud is an emerging threat that will
increase significantly in the coming years, albeit from a low base.
The huge growth in the Internet population and in e-commerce will
provide opportunities for fraud, with share-pushing being a
particularly simple and effective means of defrauding innocent
investors and making large sums of money. Compared with the totality
of fraud, however, the significance of Internet fraud should not be
over-stated.

Poorly designed and controlled electronic payment systems would pose
a serious risk to law enforcement efforts to counter money laundering
operations. However, well-designed and effectively controlled systems
might well be positively unattractive to money launderers, and might
even divorce their cash flows from the legitimate marketplace, thus
offering opportunities for identification.

Software piracy is a boom business. The experience of the software
industry is likely to be a harbinger of the troubles ahead for the
phonographic and video industries. 

E-mail harassment will increase as Internet usage grows. 

Paedophiles are using the Internet to disseminate child pornography,
to market videos and magazines for commercial sale, to promote
opinions seeking to rationalise and legitimate sexual fantasies about
children and sexual encounters with them, and to solicit children.
International law enforcement operations have had some notable
successes in catching offenders.

NCIS does not assess the risks or scale of criminal activity on the
Internet to be as extensive as sometimes portrayed. However, certain
threats are emerging and there is merit in taking suitable
preventative steps now to avoid having to deal with a greater problem
at a later date. Government, law enforcement, industry and users all
have a role to play in ensuring that the `information highways' do
not become a seductive environment for criminals.

Users heeding the warning of `buyer beware', and organisations
implementing and observing appropriate information security policies,
will help to minimise the threats faced. Law enforcement must have
suitable capabilities to detect and prosecute offenders, and there
must be fitting penalties to punish those guilty of offences.
Industry's development of digital signatures and `watermarks' has
considerable potential as a tool to prevent crime. 

Widespread use of secure encryption will curtail opportunities for
certain kinds of `computer crime' - it can be used for secure storage
of information (anti-hacking), to protect intellectual property
(anti-piracy), and to prevent defrauding of firms and individuals.
Unfortunately, secure encryption will also help Organised Crime,
paedophile rings and other criminals to communicate without risk of
detection. 

Criminals will make ever more use of Internet communications to
organise their illegal activities. Consequently, existing law
enforcement capabilities, in prescribed circumstances, to lawfully
intercept communications and interrogate seized computers, will be
eroded. Potentially, this would seriously damage law enforcement's
ability to fight serious and organised crime.

In the information age, significant opportunities for gain exist    
for those who are best able to utilise both technology and
information - who will do the better job, the criminal or those
seeking to prevent or detect crime?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mr. Yaman Akdeniz,
Director, Cyber-Rights & Cyber-Liberties (UK)
URL: http://www.cyber-rights.org
E-mail: lawya@cyber-rights.org

Read the CR&CL (UK) Reports at:
http://www.cyber-rights.org/reports/ 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~